ByteOS Network

Vulnerability Details :

CVE-2024-49913

Assigner-Linux

Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67

Published At-21 Oct, 2024 | 18:01

Updated At-03 Nov, 2025 | 22:23

drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream This commit addresses a null pointer dereference issue in the `commit_planes_for_stream` function at line 4140. The issue could occur when `top_pipe_to_program` is null. The fix adds a check to ensure `top_pipe_to_program` is not null before accessing its stream_res. This prevents a null pointer dereference. Reported by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/core/dc.c:4140 commit_planes_for_stream() error: we previously assumed 'top_pipe_to_program' could be null (see line 3906)

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:Linux

Assigner Org ID:416baaa9-dc9f-4396-8d5f-8c081fb06d67

Published At:21 Oct, 2024 | 18:01

Updated At:03 Nov, 2025 | 22:23

▼CVE Numbering Authority (CNA)

drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream

Affected Products

Vendor

Linux Kernel Organization, Inc

Product

Linux

Repo

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Program Files

drivers/gpu/drm/amd/display/dc/core/dc.c

Default Status

unaffected

Versions

Affected

From 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c before 1ebfa6663807c144be8c8b6727375012409d2356 (git)
From 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c before 8ab59527852a6f7780aad6185729550ca0569122 (git)
From 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c before 40193ff73630adf76bc0d82398f7d90fb576dba4 (git)
From 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c before e47e563c6f0db7d792a559301862c19ead0dfc2f (git)
From 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c before 3929e382e4758aff42da0102a60d13337c99d3b8 (git)
From 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c before 73efd2a611b62fee71a7b7f27d9d08bb60da8a72 (git)
From 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c before 66d71a72539e173a9b00ca0b1852cbaa5f5bf1ad (git)

Vendor

Linux Kernel Organization, Inc

Product

Linux

Repo

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Program Files

drivers/gpu/drm/amd/display/dc/core/dc.c

Default Status

affected

Versions

Affected

4.15

Unaffected

From 0 before 4.15 (semver)
From 5.10.227 through 5.10.* (semver)
From 5.15.168 through 5.15.* (semver)
From 6.1.113 through 6.1.* (semver)
From 6.6.55 through 6.6.* (semver)
From 6.10.14 through 6.10.* (semver)
From 6.11.3 through 6.11.* (semver)
From 6.12 through * (original_commit_for_fix)

References

Hyperlink	Resource
https://git.kernel.org/stable/c/1ebfa6663807c144be8c8b6727375012409d2356	N/A
https://git.kernel.org/stable/c/8ab59527852a6f7780aad6185729550ca0569122	N/A
https://git.kernel.org/stable/c/40193ff73630adf76bc0d82398f7d90fb576dba4	N/A
https://git.kernel.org/stable/c/e47e563c6f0db7d792a559301862c19ead0dfc2f	N/A
https://git.kernel.org/stable/c/3929e382e4758aff42da0102a60d13337c99d3b8	N/A
https://git.kernel.org/stable/c/73efd2a611b62fee71a7b7f27d9d08bb60da8a72	N/A
https://git.kernel.org/stable/c/66d71a72539e173a9b00ca0b1852cbaa5f5bf1ad	N/A

Hyperlink: https://git.kernel.org/stable/c/1ebfa6663807c144be8c8b6727375012409d2356

Resource: N/A

Hyperlink: https://git.kernel.org/stable/c/8ab59527852a6f7780aad6185729550ca0569122

Resource: N/A

Hyperlink: https://git.kernel.org/stable/c/40193ff73630adf76bc0d82398f7d90fb576dba4

Resource: N/A

Hyperlink: https://git.kernel.org/stable/c/e47e563c6f0db7d792a559301862c19ead0dfc2f

Resource: N/A

Hyperlink: https://git.kernel.org/stable/c/3929e382e4758aff42da0102a60d13337c99d3b8

Resource: N/A

Hyperlink: https://git.kernel.org/stable/c/73efd2a611b62fee71a7b7f27d9d08bb60da8a72

Resource: N/A

Hyperlink: https://git.kernel.org/stable/c/66d71a72539e173a9b00ca0b1852cbaa5f5bf1ad

Resource: N/A

▼Authorized Data Publishers (ADP)

1. CISA ADP Vulnrichment

Metrics Other Info

2. CVE Program Container

References

Hyperlink	Resource
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html	N/A
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html	N/A

Hyperlink: https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Resource: N/A

Hyperlink: https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Resource: N/A

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:416baaa9-dc9f-4396-8d5f-8c081fb06d67

Published At:21 Oct, 2024 | 18:15

Updated At:03 Nov, 2025 | 23:16

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Type: Primary

Version: 3.1

Base score: 5.5

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CPE Matches

Linux Kernel Organization, Inc

>>linux_kernel>>Versions before 5.10.227(exclusive)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>Versions from 5.11(inclusive) to 5.15.168(exclusive)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>Versions from 5.16(inclusive) to 6.1.113(exclusive)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>Versions from 6.2(inclusive) to 6.6.55(exclusive)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>Versions from 6.7(inclusive) to 6.10.14(exclusive)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>Versions from 6.11(inclusive) to 6.11.3(exclusive)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-476	Primary	nvd@nist.gov

CWE ID: CWE-476

Type: Primary

Source: nvd@nist.gov